package com.example.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

/**
 * @author xyl
 * @date 2020-12-08 21:06
 * @desc
 */
@RestController
public class TestController {

    @PreAuthorize("hasRole('USER')")
    @RequestMapping("/user/aa")
    public String testcc(HttpServletRequest request){
        return request.getSession().getId();
    }


    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping("/admin/aa")
    public String testccdd(HttpServletRequest request){
        return request.getSession().getId();
    }
}
